Payment Channel Returning Limited Use Proxy Dynamic Value

ABSTRACT

A central platform provides proxy dynamic values for any one of a number of a cardholder&#39;s portable payment devices, upon a request for such information made during a transaction. The proxy dynamic value can be provided to the merchant, who then can route it into the acceptance network in order to initiate the authentication process. The central platform provides the actual primary account number associated with the proxy dynamic value during the authentication process.

CROSS-REFERENCES TO RELATED APPLICATIONS

This application claims priority from U.S. Provisional Application No. 61/288,210 filed Dec. 18, 2009, which is incorporated herein by reference in its entirety for all purposes.

BACKGROUND

Current e-commerce payment practices typically require cardholders to provide a significant amount of personal and financial information to merchants. In an e-commerce or m-commerce environment, providing traditional payment detail to the merchant (e.g., card number, expiration date, billing address etc.) is often viewed as onerous and intrusive, and can very well deter potential consumers from participating in an online transaction. For merchants, the resistance in participation represents unrealized opportunities in direct sales of goods and/or services and lost opportunities for the introduction of new channels of commerce and retailing strategies.

Embodiments of the invention address these problems and other problems individually and collectively.

BRIEF SUMMARY

In embodiments of the present invention, A proxy dynamic value (token) may be issued in connection with a transaction between a cardholder and a merchant. The proxy dynamic value may then be used to obtain to an actual PAN of a portable payment device (e.g., credit card, pre-paid card, debit card, etc.) of the cardholder. The actual PAN may then be routed to the issuing bank of the portable payment device to continue with the transaction.

In embodiments of the present invention, a central platform stores cardholder data. The central platform may issue a proxy dynamic value to a cardholder or to a merchant with whom the cardholder is conducting a transaction. The proxy dynamic value may then be subsequently routed back to the central platform in order to obtain an actual PAN of a portable payment device of the cardholder. The actual PAN may then be routed to the issuing bank of the portable payment device in order to continue with the transaction.

In embodiments of the present invention, a cardholder may transmit a request to a central platform, in connection with a transaction with a merchant, in order to generate a proxy dynamic value which is associated with an actual PAN of a portable payment device issued to the cardholder. The proxy dynamic value may then be provided to the merchant's acquiring bank. The proxy dynamic value may then be substituted with the associated actual PAN, and the actual PAN may then be routed to the issuing bank that had issued the portable payment device.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1A is a generalized representation of a system according to an embodiment of the present invention.

FIG. 1B is a flowchart illustrating a method according to an embodiment of the present invention.

FIGS. 2-8 are flow diagrams of transaction processing scenarios contemplated in accordance with embodiments of the present invention.

FIG. 9 is a generalized diagram of a computer system embodiment of the present invention.

FIG. 10 illustrates various advantages provided by embodiments of the present invention.

DETAILED DESCRIPTION

Embodiments of the present invention include centrally storing and registering cardholder data, and allowing access to the data when making a purchase in any of numerous payment environments. Cardholder data may include data related to a portable payment device. Common examples of portable payment devices include credit cards, pre-paid cards (e.g., gift cards), and so on.

The cardholder data typically includes a primary account number (PAN) that is associated with the portable payment device; for example, the sixteen digit number that is embossed on credit cards. Conventionally, when a cardholder desires to conduct a transaction for goods or services using their portable payment device, the PAN is provided to the merchant; e.g., the merchant swipes a credit card, or the cardholder may speak it to the merchant in the case of a card not present transaction, and so on. Processing to authenticate the transaction typically begins when the merchant routes or otherwise forwards the PAN (typically, along with other data) to its acquiring bank (acquirer). The acquirer typically routes the PAN and any related data to the issuing bank (issuer) that issued the portable payment device. The issuer may authorize or deny the requested transaction, and authentication processing of the transaction then proceeds to conclusion (either with an “approval” or “denial” of the transaction) in a conventionally known manner. The transaction may then be completed accordingly.

Various components illustrated in FIG. 1A may be involved in conducting a transaction according to embodiments of the present invention. The cardholder (consumer) 102 may be an individual or a business entity to whom a portable payment device (e.g., credit card, debit card) is issued by an Issuer 104 (issuing bank). The Issuer 104 is typically a bank or other suitable financial entity that issues portable payment devices. The cardholder 102 may make a purchase of goods and/or services from a Merchant 110 using the portable payment device. The purchase may be made in-person (face-to-face) or as a card-not-present (CNP) transaction, e.g., via an online connection (e.g., over the Internet) or via a mobile communication device, and so on.

A payment processing network 106 may mediate a transaction between the cardholder 102 and merchant 110. Typically, the payment processing network 106 also settles accounts between the Issuer 104 and an Acquirer 108 (acquiring bank) in connection with the day's transactions (purchase, refunds, etc.) made between cardholders and the Merchant 110. Examples of payment processing networks include MasterCard, Visa, Discover, and the like. The Acquirer 108 is typically a financial entity (e.g., a bank) that holds and manages a financial account of the Merchant 110 in connection with the Merchant's business. In embodiments, the cardholder's mobile communication device 102 a (e.g., cell phone, PDA—personal data assistant, and the like) may be used in the transaction.

In embodiments of the present invention, a central platform 112 may provide suitable storage (e.g., database) to store cardholder information, such as account information (e.g., primary account number (PAN), expiration date, and so on) for each portable payment device owned by the cardholder. Cardholder information may further include the cardholder's billing address(es), phone number(s), email address(es), and so on. The central platform 112 may populate its database with such information by “enrolling” cardholders.

The cardholder 102 may establish a relationship with the central platform 112 and enroll one or more of their portable payment devices with the central platform. In an embodiment, the enrollment process may include the cardholder 102 providing to the central platform 112 the card numbers (e.g., PANs) for one or more of their credit cards, or pre-paid cards, and so on. For example, enrollment may be performed online using a suitable web browser. Enrollment may further include the cardholder 102 providing the central platform with communication information that can be used to establish a communication channel with the cardholder 102. The communication information may be used to establish communication with the cardholder's mobile communication device 102 a. For example, communication information may be a cell phone number of the mobile communication device 102 a. The communication information may be an email address, and so on.

Enrollment may also include establishing verification information with the cardholder 102. For example, a personal identification number (PIN) for the cardholder may be created. Verification may include the use of a cryptogram. For example, the enrollment process may include storing a secure cryptographic key on the mobile communication device 102 a, which can then be used to generate a cryptogram. The purpose of these security features will be explained below.

FIGS. 2-8 illustrate typical transaction scenarios in accordance with embodiments of the present invention. Before a discussion of the illustrative scenarios is given, however, a general description of transaction processing in accordance with aspects of the present invention will be provided with reference to FIGS. 1A and 1B.

Generally, in embodiments, a transaction begins with a cardholder 102 making a purchase (whether in-person, online, or over the telephone and so on), step 202. At step 204, a request may be sent by a requestor to the central platform 112 to obtain a proxy dynamic value (e.g., token, temporary PAN, alias, and the like) from the central platform. In embodiments, the requestor may be the merchant 110 or the cardholder 102.

In embodiments where the merchant 110 may send the request for a proxy dynamic value to the central platform 112, the cardholder 102 may provide communication information to the merchant who would include it in their request to the central platform 112. For example, suppose the merchant 110 is an online merchant (e.g., Amazon) with whom the cardholder 102 has established an account. The cardholder's account may include the cardholder's cell phone number, which the merchant can include in their request to the central platform 112. As another example, the cardholder 102 may simply speak the communication information to the merchant 110, in the case of a telephone call order.

Continuing with FIG. 1B, in response to receiving a request for a proxy dynamic value from the requestor, the central platform 112 may communicate (step 206) with the cardholder 102 in order to identify a selected portable payment device from among one or more portable payment devices that have been previously enrolled with the central platform. For example, the central platform 112 may use the communication information to contact the cardholder 102. The selection process may include the central platform 112 providing the cardholder 102 with a list of portable payment devices the cardholder had been enrolled with the central platform. For example, the list may be displayed on the cardholder's mobile communication device 102 a.

For security reasons, this step may include verification processing, or some form of authentication, in order to verify the cardholder 102 in order to protect the cardholder 102 and/or merchant 110 from fraudulent or otherwise unauthorized transactions. For example, a one-factor authentication (e.g., “something I know” authentication) may be conducted whereby a PIN must be provided to the central platform 112. Another type of one-factor authentication (e.g., “something I have” authentication) may use of an SE (Secure Element) chip having a secret key that can generate a unique dynamic cryptogram that is communicated to the central platform 112. The secret key may be provided to the SE chip by the central platform 112 during enrollment. Where additional security is desired, a multi-factor authentication approach may be employed by combining two or more one-factor authentication procedures.

In a step 208, the central platform 112 may associate a proxy dynamic value (token) with the received selection of the cardholder's portable payment device. In an embodiment, the proxy dynamic value can be generated by the central platform 112. In an embodiment, the proxy dynamic value can be generated by the issuing bank 104 that issued the selected portable payment device.

The proxy dynamic value may be an arbitrary value that can be mapped to or otherwise associated with the PAN of the selected portable payment device, but otherwise does not reveal the actual PAN of the selected portable payment device. The proxy dynamic value may be used only once, or may have a limited number of uses, or may have a limited time, or its use may otherwise be limited based on other criteria. By limiting the “lifetime” of the proxy dynamic value, the risk of fraud can be reduced.

In an embodiment, the proxy dynamic value can be formatted like a sixteen digit primary account number of a credit card. This would be suitable for use in a legacy system where the existing acceptance network (e.g., the communication infrastructure interconnecting the merchant, acquirer, payment processor, and issuer) recognizes conventional sixteen digit primary account numbers, and thus would not need to be modified for operation in accordance with the present invention. Generally, however, the proxy dynamic value may comprise any suitable data format and/or data.

In a step 210, the central platform 112 may provide the proxy dynamic value to a recipient. In an embodiment, the proxy dynamic value may be communicated directly to the merchant 110. In an embodiment, the proxy dynamic value may be communicated to the cardholder 102, who can then communicate the proxy dynamic value to the merchant 110.

In a step 212, the transaction may then be authenticated using the proxy dynamic value. In embodiments, the merchant 110 may receive the proxy dynamic value and route the proxy dynamic value to its acquiring bank 108 as part of the standard authentication process. The acquiring bank 108, in turn, may then route the proxy dynamic value to the payment processing network 106. In an embodiment, the processing network 106 may communicate with the central platform 112, and use the received proxy dynamic value to obtain the actual PAN that corresponds to the selected portable payment device. The payment processing network 106 may then route the actual PAN received from the central platform 112 to the issuing bank 104 in order to continue with the authentication process.

In an embodiment, the processing network 106 may route the proxy dynamic value directly to the issuing bank 104. For example, where the issuing bank 104 is the entity that provided the proxy dynamic value in the first place, then the issuing bank can determine the actual account number of the selected portable payment device in order to continue with the authentication process. However, if the central platform 112 had generated the proxy dynamic value which was then routed directly to the issuing bank 104, then the issuing bank may communicate with the central platform to obtain the corresponding actual PAN. Either way, when the issuing bank 104 gains possession of the actual PAN, it may then continue with the authentication process, and the transaction can then be concluded in accordance with the results of the authentication.

A discussion of some illustrative transaction scenarios in accordance with embodiments of the present invention will now be given in connection with FIGS. 2-8. In each figure, transaction or data flows and processes are indicated by numbered circles. An enrollment process, such as the one explained above, is identified in each figure by the circle numbered zero (step 0).

FIG. 2 illustrates a typical transaction scenario (scenario 1) in accordance with an embodiment of the present invention for online purchasing (e.g., using a web browser), which is a class of transactions generally referred to as “card not present” (CNP) transactions. In this embodiment, the merchant 110 requires no integration with the central platform 112.

A transaction may commence, for example, with a cardholder 102 making an online purchase with the merchant 110 using a web browser. At steps 1-3, the cardholder 102 may send a request to the central platform 112 for a proxy dynamic value using a mobile application running on their mobile communication device 102 a. The cardholder 102 may interact with the central platform 112 to select a portable payment device from a list of portable payment devices with which to conduct the transaction as described above. Also as explained above, this may include a verification process to verify the cardholder 102.

At step 4, if the cardholder 102 is verified, the central platform 112 may respond with a proxy dynamic value. In an embodiment, the proxy dynamic value may be a temporary PAN (TPAN) that is not the actual PAN of the selected portable payment device. The central platform 112 may provide the TPAN and related card-type information such as expiry date and a CVV (card verification value) to the cardholder's mobile communication device 102 a. The received information can be displayed on the cardholder's mobile communication device 102 a. At step 5, the cardholder 102 can then provide the TPAN and any related information to the merchant 110, for example, by entering the data into data fields of the merchant's online shop using the web browser.

Authentication processing may include the merchant 110 routing the TPAN to the acquirer 108 (step 6), who then sends it to the payment network 106 (step 7). The payment network 106 may then route the TPAN to the central platform 112 (step 8), which then substitutes the received TPAN with an actual PAN and sends it back to the payment network (step 9). The payment network 106 may then route the actual PAN to the issuer 104 (step 10) in order to continue with the authentication process. It is noted that during the clearing process (e.g., at the end of the business day), a similar TPAN substitution process may be performed in order to map to actual PANs.

FIG. 3 illustrates a typical transaction scenario (scenario 2) in accordance with an embodiment of the present invention for online purchasing in which the merchant 110 operates in conjunction with the central platform 112 to service transactions.

A transaction may commence, for example, with a cardholder 102 making an online purchase with the merchant 110 using a web browser (step 1). During the check out process, the cardholder 102 may provide their communication information (e.g., cell phone number) to the merchant website, instead of their credit card information as is typically done. At step 2, the merchant 110 or a merchant-provided browser plug-in may send a request to the central platform 112 for a proxy dynamic value, including providing the cell phone number to the central platform. At steps 3 and 4, the central platform 112 may establish communication with the cardholder 102 in response to receiving the request so that the cardholder can select a portable payment device as explained above, including perhaps conducting a verification process to verify the cardholder.

At step 5, if the cardholder 102 is verified, the central platform 112 may respond with a proxy dynamic value. In an embodiment, the proxy dynamic value may be a temporary PAN (TPAN). The central platform 112 may send the TPAN to the merchant 110, along with ancillary information such as the cardholders' shipping address and billing address.

Authentication processing may include the merchant 110 routing the TPAN to the acquirer 108 (step 6), who then sends it to the payment network 106 (step 7). The payment network 106 may then route the TPAN to the central platform 112 (step 8), which then substitutes the received TPAN with an actual PAN and send it back to the payment network (step 9). The payment network 106 may then route the actual PAN to the issuer 104 (step 10) to complete the authentication process. It is noted that during the clearing process (e.g., at the end of the business day), a similar TPAN substitution may be performed.

The merchant 110 may provide a transaction report (step 11) to the central platform 112 for subsequent cardholder accounting purposed.

FIG. 4 illustrates a typical transaction scenario (scenario 3) in accordance with an embodiment of the present invention for “face to face” transactions where the cardholder 102 is physically present (a class of transactions generally referred to as “card present” transactions). In this embodiment, the merchant 110 requires no integration with the central platform 112.

A transaction may commence, for example, with a cardholder 102 using a mobile application running on their mobile communication device 102 a to pre-select an order at the merchant 110 (step 1). At step 2, the cardholder 102 may send a request to the central platform 112 for a proxy dynamic value. The central platform 112 may then establish communication with the cardholder 102 in response to receiving the request in order to identify a selected portable payment device from the cardholder as describe above, including perhaps conducting a verification process to verify the cardholder.

At step 3, if the cardholder 102 is verified, the central platform 112 may with a proxy dynamic value. In an embodiment, the proxy dynamic value may be a temporary PAN (TPAN). The central platform 112 may provide the TPAN as a 2-dimensional (2D) barcode MMS and other order information. At step 4, the cardholder 102 can then provide the TPAN and other order information to the merchant 110, for example, using near-field communications (NFC) technology if the mobile communication device 102 a and the merchant 110 are suitably equipped. In an embodiment, the merchant 110 may use a barcode reader to scan the information off of the cardholder's mobile communication device 102 a.

Where the cardholder's mobile communication device 102 a has NFC, the merchant's NFC device may receipt information for the transaction to the cardholder's mobile communication device. The mobile communication device 102 a may then pass such information back to the central platform 112 where it may be stored for subsequent cardholder accounting purposes (step 5).

Authentication processing may include the merchant 110 routing the TPAN to the acquirer 108 (step 6), who then sends it to the payment network 106 (step 7). The payment network 106 may then route the TPAN to the central platform 112 (step 8), which then substitutes the received TPAN with an actual PAN and send it back to the payment network (step 9). The payment network 106 may then route the actual PAN to the issuer 104 (step 10) to complete the authentication process. It is noted that during the clearing process (e.g., at the end of the business day), a similar TPAN substitution may be performed.

FIG. 5 illustrates a typical transaction scenario (scenario 4) in accordance with an embodiment of the present invention for “face to face” transactions in which the merchant 110 operates in conjunction with the central platform 112 to service transactions.

A transaction may commence, for example, with a cardholder 102 using a mobile application running on their mobile communication device 102 a to pre-select an order at the merchant 110 (step 1). At step 2, the cardholder 102 may send a request to the central platform 112 for a proxy dynamic value. The central platform 112 may then establish communication with the cardholder 102 in response to receiving the request in order to identify a selected portable payment device from the cardholder as describe above, including perhaps conducting a verification process to verify the cardholder.

At step 3, the central platform 112 may send order details and an invoice number for the order to the merchant 110, allowing the merchant to begin preparing the order.

At step 4, if the cardholder 102 is verified, the central platform 112 may respond to the mobile communication device 102 a with a proxy dynamic value. In an embodiment, the proxy dynamic value may be a temporary PAN (TPAN). The central platform 112 may provide the TPAN as a 2-dimensional bar code MMS along with other order information. The central platform 112 may send the invoice number from step 3 represented as a near-field communication (NFC) tag or a 2D barcode.

At step 5, the cardholder 102 can then provide the TPAN and other order information to the merchant 110, for example using NFC technology, if the mobile communication device 102 a and the merchant 110 are suitably equipped. In an embodiment, the merchant 110 may use a barcode reader to scan the information off of the cardholder's mobile communication device 102 a. The merchant 110 can then compare the information with its own data and provide the order to the cardholder 102.

Authentication processing may include the merchant 110 routing the TPAN to the acquirer 108 (step 6), who then sends it to the payment network 106 (step 7). The payment network 106 may then route the TPAN to the central platform 112 (step 8), which then substitutes the received TPAN with an actual PAN and sends the actual PAN to the payment network (step 9). The payment network 106 may then route the actual PAN to the issuer 104 (step 10) to complete the authentication process. It is noted that during the clearing process (e.g., at the end of the business day), a similar TPAN substitution may be performed.

The merchant 110 may provide a transaction report (step 11) to the central platform 112 for subsequent cardholder accounting purposed.

FIG. 6 illustrates a typical transaction scenario (scenario 5) in accordance with an embodiment of the present invention for mobile and remote purchasing (e.g., using a cell phone), another example of the class of transactions generally referred to as “card not present” (CNP) transactions. In this embodiment, the merchant 110 does not involve direct communication with the central platform 112.

A transaction may commence, for example, with a cardholder 102 using their mobile communication device 102 a to make a purchase (step 1). For example, FIG. 6 shows a merchant application 122 b (i.e., software) provided in, and executing on, the mobile communication device 102 b. At step 2, during check-out processing, the merchant application 122 b may communicate with a platform application 122 a (i.e., software) also executing on the mobile communication device 102 a to send a request for a proxy dynamic value to the platform application. At sep 3, the platform application 122 a may interact with the cardholder 102 in order to identify a selected portable payment device from the cardholder as described above, including perhaps conducting a verification process to verify the cardholder. The platform application 122 a may then forward the selected portable payment device to the central platform 112.

At step 4, if the cardholder 102 is verified, the central platform 112 may respond to the platform application 122 a with a proxy dynamic value. In an embodiment, the proxy dynamic value may be a temporary PAN (TPAN). The central platform 112 may provide the TPAN and related card-type information such as expiry date and a CW (card verification value) to the cardholder's mobile communication device 102 a.

At step 5, the platform application 122 a may then forward the received information to the merchant application 122 b. At step 6, the merchant application 122 b may communicate the TPAN and related card details as well as payment order information to a merchant backend server system 122 c of the merchant 110.

Authentication processing may include the merchant backend server 122 c routing the TPAN to the acquirer 108 (step 7), who then sends it to the payment network 106 (step 8). The payment network 106 may then route the TPAN to the central platform 112 (step 9), which then substitutes the received TPAN with an actual PAN and sends it back to the payment network (step 10). The payment network 106 may then route the actual PAN to the issuer 104 (step 11) in order to continue with the authentication process. It is noted that during the clearing process (e.g., at the end of the business day), a similar TPAN substitution may be performed.

FIG. 7 illustrates a typical transaction scenario (scenario 6) in accordance with an embodiment of the present invention for mobile and remote purchasing (e.g., using a cell phone) wherein the merchant 110 communicates with the central platform 112.

A transaction may commence, for example, with a cardholder 102 using their mobile communication device 102 a to make a purchase (step 1). For example, FIG. 7 shows a merchant application 122 b provided in, and executing on, the mobile communication device 102 b. At step 2, during check-out processing, the merchant application 122 b may communicate with a platform application 122 a also executing on the mobile communication device 102 a to send a request for a proxy dynamic value to the platform application. At sep 3, the platform application 122 a may interact with the cardholder 102 in order to identify a selected portable payment device from the cardholder as explained above, including perhaps conducting a verification process to verify the cardholder. The platform application 122 a may then forward the selected portable payment device to the central platform 112. At step 4, if the cardholder 102 is verified, the central platform 112 may send a proxy dynamic value (e.g., a TPAN) along with purchase order information to the merchant backend server 122 c of the merchant 110.

Authentication processing may include the merchant backend server 122 c routing the TPAN to the acquirer 108 (step 5), who then sends it to the payment network 106 (step 6). The payment network 106 may then route the TPAN to the central platform 112 (step 7), which then substitutes the received TPAN with an actual PAN and sends it back to the payment network (step 8). The payment network 106 may then route the actual PAN to the issuer 104 (step 9) in order to continue with the authentication process. It is noted that during the clearing process (e.g., at the end of the business day), a similar TPAN substitution may be performed.

FIG. 8 illustrates a typical transaction scenario (scenario 7) in accordance with an embodiment of the present invention for another example of mobile and remote purchasing (e.g., using a cell phone) wherein the merchant 110 communicates with the central platform 112.

A transaction may commence, for example, with a cardholder 102 using their mobile communication device 102 a to make a purchase (step 1). For example, FIG. 8 shows a merchant application 122 b provided in, and executing on, the mobile communication device 102 b. At step 2, during check-out processing, the merchant application 122 b may communicate the merchant backend server 122 c of the merchant 110 to send purchase order information to the backend server. At step 3, the merchant backend server 122 c may send a request for a proxy dynamic value to the central platform 112.

At steps 4 and 5, the central platform 112 may interact with the cardholder 102 in order to identify a selected portable payment device from the cardholder as describe above, including perhaps conducting a verification process to verify the cardholder. At step 6, if the cardholder 102 is verified, the central platform 112 may send a proxy dynamic value (e.g., a TPAN) to the merchant backend server 122 c of the merchant 110.

Authentication processing may include the merchant backend server 122 c routing the TPAN to the acquirer 108 (step 7), who then sends it to the payment network 106 (step 8). The payment network 106 may then route the TPAN to the central platform 112 (step 9), which then substitutes the received TPAN with an actual PAN and sends it back to the payment network (step 10). The payment network 106 may then route the actual PAN to the issuer 104 (step 11) in order to continue with the authentication process. It is noted that during the clearing process (e.g., at the end of the business day), a similar TPAN substitution may be performed.

FIG. 9 illustrates a computer system that can be used to implement computer system embodiments of the present invention. In an embodiment, the computer system may include an interface such as a video display device. The interface may be a web portal that a user can access over the internet. The web portal may include a login screen for subscribers. The interface may be a GUI delivered to a mobile communication device, such as a PDA or cellular phone.

Any of the entities or components described above may include one or more of the subsystems or components shown in FIG. 9. The subsystems shown in the figure are interconnected via a system bus 975. Additional subsystems such as a printer 974, keyboard 978, fixed disk 979, monitor 976, which is coupled to display adapter 982, and others are shown. Peripherals and input/output (I/O) devices, which couple to I/O controller 971, can be connected to the computer system by any number of means known in the art, such as serial port 977. For example, serial port 977 or external interface 981 can be used to connect the computer apparatus to a wide area network such as the Internet, a mouse input device, or a scanner. The interconnection via system bus allows the central processor 973 to communicate with each subsystem and to control the execution of instructions from system memory 972 or the fixed disk 979, as well as the exchange of information between subsystems. The system memory 972 and/or the fixed disk 979 may embody a computer readable medium that causes the central processor 973 to perform steps described above.

Any of the software components or functions described in this application, may be implemented as software code to be executed by a processor using any suitable computer language such as, for example, Java, C++ or Perl using, for example, conventional or object-oriented techniques. The software code may be stored as a series of instructions, or commands on a computer readable medium, such as a random access memory (RAM), a read only memory (ROM), a magnetic medium such as a hard-drive or a floppy disk, or an optical medium such as a CD-ROM. Any such computer readable medium may reside on or within a single computational apparatus, and may be present on or within different computational apparatuses within a system or network.

The above description is illustrative and is not restrictive. Many variations of the invention will become apparent to those skilled in the art upon review of the disclosure. The scope of the invention should, therefore, be determined not with reference to the above description, but instead should be determined with reference to the pending claims along with their full scope or equivalents.

One or more features from any embodiment may be combined with one or more features of any other embodiment without departing from the scope of the invention.

A recitation of “a”, “an” or “the” is intended to mean “one or more” unless specifically indicated to the contrary.

FIG. 10 illustrates an overview of embodiments of the present invention and a brief summary of value-added benefits to participants of the four-party payment model.

Advantages of the disclosed embodiments include reducing undue friction for cardholders in the checkout process of an e-commerce or m-commerce transaction, providing a secure checkout process without the intrusive inquiries of personal information from the cardholder. The cardholder can use their phone as a personal and trusted payment device when making a purchase across, theoretically, any payment environment. The cardholder experience includes a streamlined check-out process: he needs only enter his cell phone number. The transaction is more secure, whether conducted in person or online or via a mobile device, since no real data about the card is exchanged between the cardholder and the Merchant. Flexibility in desired security is easily provided, whether one- or two-factor authentication. The cardholder can easily choose from among multiple portable payment devices (e.g., multiple credit cards) on their cell phone. Embodiments also facilitate record keeping by storing transaction receipts to manage payments.

Merchants benefit from the disclosed embodiment from increased participation in online commercial activity and increase opportunities through new online channels and retailing strategies. Merchants also benefit from reduced fraud due to strong authentication options (one- or two-factor authentication) and via the use of a proxy dynamic value such as a temporary PAN. A faster check-out process allows the Merchant to quickly conclude the transaction process so that he can move on to the next customer. Access to the cardholder's information (e.g., address) is easily efficiently accomplished without added cardholder friction.

Embodiments of the present invention may even benefit cell service carriers. For example, embodiments of the present invention may enhance the value of cell phones and other mobile device, and thus drive the demand for such devices for use as purchase and payment tools. 

1-20. (canceled)
 21. A method for facilitating a mobile transaction, the method comprising: in response to initiation of the mobile transaction by a user using a merchant application provided in, and executing on, a mobile device, receiving by a computer system, a request to obtain a proxy dynamic value that is to be associated with the mobile transaction from the mobile device; responsive to the computer system authenticating the user, providing to the mobile device, a list of portable payment devices the user has enrolled with the computer system; receiving, by the computer system, a selection of a portable payment device from the list of portable payment devices from the mobile device; generating and associating by the computer system, the proxy dynamic value associated with the mobile transaction, the proxy dynamic value being distinct from and corresponding to a primary account number (PAN) of the portable payment device; transmitting, by the computer system, the proxy dynamic value to the mobile device, wherein the mobile device further transmits the proxy dynamic value to a merchant server; receiving, by the computer system, the proxy dynamic value from the merchant server; and processing by the computer system, the mobile transaction based on obtaining the primary account number associated with the proxy dynamic value.
 22. The method of claim 21, wherein the computer system receives the request to obtain the proxy dynamic value from an application executed on the mobile device.
 23. The method of claim 21, wherein the computer system transmits the proxy dynamic value to an application executed on the mobile device, and wherein the application further transmits the proxy dynamic value to the merchant application executed on the mobile device.
 24. The method of claim 23, wherein the merchant application executed on the mobile device transmits the proxy dynamic value to the merchant server.
 25. The method of claim 21, wherein the proxy dynamic value is in a similar format as the primary account number.
 26. The method of claim 21, wherein the proxy dynamic value is valid during a single mobile transaction.
 27. The method of claim 21, wherein the computer system receives the proxy dynamic value from the merchant server via an acquirer computer of an acquirer associated with the merchant server.
 28. The method of claim 21, wherein the list of portable payment devices include one or more of credit cards, debit cards, or pre-paid cards.
 29. The method of claim 21, wherein the computer system authenticates the user based on a cryptogram generated by the mobile device, the cryptogram being generated by a secret key provided to the mobile device by the computer system.
 30. The method of claim 21, wherein the computer system is distinct from an issuer computer and distinct from an acquirer computer.
 31. The method of claim 21, wherein the mobile transaction is conducted during an online purchase with a merchant using the merchant application that is executed on the mobile device.
 32. A computer system comprising; a processor; and a computer readable medium coupled to the processor, the computer readable medium comprising code, executable by the processor to implement a method comprising in response to initiation of a mobile transaction by a user using a merchant application provided in, and executing on, a mobile device, receiving a request to obtain a proxy dynamic value that is to be associated with the mobile transaction from the mobile device; providing to the mobile device, a list of portable payment devices the user has enrolled with the computer system; receiving a selection of a portable payment device from the list of portable payment devices from the mobile device; generating and associating the proxy dynamic value associated with the mobile transaction, the proxy dynamic value being distinct from and corresponding to a primary account number (PAN) of the portable payment device; transmitting the proxy dynamic value to the mobile device, wherein the mobile device further transmits the proxy dynamic value to a merchant server; receiving the proxy dynamic value from the merchant server; and processing the mobile transaction based on obtaining the primary account number associated with the proxy dynamic value.
 33. The computer system of claim 32, wherein the computer system receives the request to obtain the proxy dynamic value from an application executed on the mobile device.
 34. The computer system of claim 32, wherein the computer system transmits the proxy dynamic value to an application executed on the mobile device, and wherein the application further transmits the proxy dynamic value to the merchant application executed on the mobile device.
 35. The computer system of claim 32, wherein the proxy dynamic value is in a similar format as the primary account number.
 36. The computer system of claim 32, wherein the computer system receives a transaction report of the mobile transaction from the merchant server.
 37. The computer system of claim 32, wherein the computer system is distinct from an issuer computer and distinct from an acquirer computer.
 38. The computer system of claim 32, wherein the proxy dynamic value is valid during a single mobile transaction.
 39. The computer system of claim 32, wherein the computer system receives the proxy dynamic value from the merchant server via an acquirer computer of an acquirer associated with the merchant server.
 40. The computer system of claim 32, wherein the list of portable payment devices include one or more of credit cards, debit cards, or pre-paid cards. 